Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3jo-yCm0VWKHMV6GgEIfQ6e-vWg.roa
File: 3jo-yCm0VWKHMV6GgEIfQ6e-vWg.roa (raw, json)
Hash identifier: cksidW0V30pHKLPs2a+MqtbK9EPeJzE7YHhX1rKGdhU=
Subject key identifier: DE:3A:3E:C8:29:B4:55:62:87:31:5E:86:80:42:1F:43:A7:BE:BD:68
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0184E415442AFAE4733BACEFB10A7E299202
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3jo-yCm0VWKHMV6GgEIfQ6e-vWg.roa
Signing time: Mon 05 Dec 2022 20:58:29 +0000
ROA not before: Mon 05 Dec 2022 20:58:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211522
IP address blocks: 2a10:cc44:202::/48 maxlen: 48
2a10:cc44:203::/48 maxlen: 48
2a10:cc46:111::/48 maxlen: 48
2a10:cc44:201::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e4:15:44:2a:fa:e4:73:3b:ac:ef:b1:0a:7e:29:92:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 5 20:58:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de3a3ec829b4556287315e8680421f43a7bebd68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3d:95:1e:40:77:83:91:03:23:17:e9:23:d3:
0e:2a:76:a3:a9:b0:a1:5e:34:c6:65:82:d4:66:f2:
6a:f4:05:e7:6f:77:be:6d:7d:eb:2a:53:47:4d:5d:
c3:f8:1a:fc:2a:d8:32:64:d3:a2:10:45:84:f6:36:
83:b3:af:c0:55:6f:95:f7:59:a9:cb:c1:20:d6:7b:
a6:59:d9:14:fe:b3:be:cc:a0:7c:4c:f9:4c:34:a1:
40:52:29:10:cb:18:f9:20:0b:1a:06:89:80:09:90:
81:c2:bb:ac:27:6a:ed:7d:40:74:bb:eb:be:bb:4a:
45:78:fd:4b:dd:9f:fc:c2:e9:a1:44:db:44:97:6b:
f7:a4:f1:bb:2f:13:01:3b:8e:b5:4c:d4:a2:f4:1f:
9b:7f:c8:c4:70:c3:3f:4f:38:cc:6a:99:66:fc:06:
fc:60:2e:59:aa:30:06:b1:5f:79:8a:e4:8a:6b:3d:
0a:f6:df:d6:51:55:9a:47:1c:db:eb:30:77:07:f4:
d4:5a:cd:8d:45:99:80:ef:64:28:02:92:c0:3d:38:
fc:4e:ff:31:b6:34:75:c5:4c:31:23:9a:0d:08:04:
d2:b3:9f:0d:61:3e:9f:5b:bc:76:9f:b3:34:a0:90:
ef:07:39:95:48:57:a7:1b:be:e6:41:7d:82:af:4f:
7f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3A:3E:C8:29:B4:55:62:87:31:5E:86:80:42:1F:43:A7:BE:BD:68
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3jo-yCm0VWKHMV6GgEIfQ6e-vWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc44:201::-2a10:cc44:203:ffff:ffff:ffff:ffff:ffff
2a10:cc46:111::/48
Signature Algorithm: sha256WithRSAEncryption
bb:d4:8e:86:38:fc:37:df:e5:5b:15:af:32:88:8c:57:aa:3b:
67:b2:cd:62:2f:cb:0b:3d:aa:fa:72:06:a9:bc:4c:e2:3b:af:
51:9a:79:95:6c:b8:cb:75:42:32:5f:0d:61:06:37:16:e1:39:
57:43:96:34:ef:c4:65:b8:af:65:a3:2f:41:e1:1b:f8:8b:5d:
01:38:11:a9:97:b5:dc:d2:31:88:e7:97:e7:64:5b:ce:11:81:
f8:3e:0a:f1:2d:98:d8:07:df:f7:33:e1:c3:8c:fc:ea:9c:24:
d7:98:94:45:67:0f:b8:d9:76:ef:c7:1a:38:a0:7a:2c:59:99:
4a:a3:80:94:16:8d:cd:b4:1a:33:53:76:3d:a3:f3:9d:b2:4f:
27:41:7d:4f:b2:64:68:3a:c9:c5:c9:04:61:22:0a:f9:f4:17:
69:b7:d1:6e:b3:9b:b2:80:b5:7c:e6:70:8e:77:14:e9:57:fa:
84:bc:43:39:d6:e0:13:ec:3d:a2:86:e9:e0:88:24:ce:56:b4:
a9:10:71:1f:1f:f6:dc:5d:d4:25:4c:e6:99:3b:67:eb:55:8f:
f6:83:2a:e7:ea:ec:7d:c6:d3:8d:e6:01:06:cc:2e:ab:2a:6b:
95:18:fd:45:2f:0f:70:ca:db:c5:20:4f:56:61:69:10:51:d6:
34:df:40:8c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYTkFUQq+uRzO6zvsQp+KZICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjA1MjA1ODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTNhM2VjODI5YjQ1NTYyODczMTVlODY4MDQyMWY0M2E3YmViZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApT2VHkB3g5EDIxfpI9MOKnajqbCh
XjTGZYLUZvJq9AXnb3e+bX3rKlNHTV3D+Br8KtgyZNOiEEWE9jaDs6/AVW+V91mp
y8Eg1numWdkU/rO+zKB8TPlMNKFAUikQyxj5IAsaBomACZCBwrusJ2rtfUB0u+u+
u0pFeP1L3Z/8wumhRNtEl2v3pPG7LxMBO461TNSi9B+bf8jEcMM/TzjMaplm/Ab8
YC5ZqjAGsV95iuSKaz0K9t/WUVWaRxzb6zB3B/TUWs2NRZmA72QoApLAPTj8Tv8x
tjR1xUwxI5oNCATSs58NYT6fW7x2n7M0oJDvBzmVSFenG77mQX2Cr09/bwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFN46PsgptFVihzFehoBCH0Onvr1oMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM2pvLXlDbTBWV0tITVY2R2dFSWZRNmUtdldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqEMxE
AgEDBwIqEMxEAgADBwAqEMxGAREwDQYJKoZIhvcNAQELBQADggEBALvUjoY4/Dff
5VsVrzKIjFeqO2eyzWIvyws9qvpyBqm8TOI7r1GaeZVsuMt1QjJfDWEGNxbhOVdD
ljTvxGW4r2WjL0HhG/iLXQE4EamXtdzSMYjnl+dkW84Rgfg+CvEtmNgH3/cz4cOM
/OqcJNeYlEVnD7jZdu/HGjigeixZmUqjgJQWjc20GjNTdj2j852yTydBfU+yZGg6
ycXJBGEiCvn0F2m30W6zm7KAtXzmcI53FOlX+oS8QznW4BPsPaKG6eCIJM5WtKkQ
cR8f9txd1CVM5pk7Z+tVj/aDKufq7H3G043mAQbMLqsqa5UY/UUvD3DK28UgT1Zh
aRBR1jTfQIw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:13 2023 by rpki-client on console-fra.rpki-client.org